Singapore Police, Cyber Security Agency alert the public to PayPal account scam

The Singapore Police Force (SPF) and the nation’s Cyber Security Agency (CSA) have noticed a latest spate of instances involving cybercriminals utilizing compromised PayPal accounts for transactions. The two have issued a joint alert via a press launch.

From January 1 to February 9, 2024, a complete of 27 such instances involving hacked PayPal accounts have been reported to the police.

• In these instances, victims would obtain automated notifications from PayPal both in the type of e-mails or PayPal’s inbox messages, informing them of varied actions resembling profile adjustments and receipts for transactions on their account.
• Upon checking their PayPal accounts, some victims found that funds from unknown sources have been deposited, or that funds have been being transferred to unfamiliar financial institution accounts added by the cybercriminals.
• Subsequently, the cybercriminals would provoke a chargeback request. The victims would then obtain an automatic notification, and funds have been recovered from their accounts, leading to a deficit stability.

The compromise of on-line credentials and passwords might be due to a number of causes, which embrace:

• Using weak passwords.
• Visiting phishing web sites that ask in your on-line credentials and/or passwords, and downloading unverified apps despatched by way of e-mails, SMSes, textual content messages or messages from social media platforms.
• Visiting web sites or downloading recordsdata which can be contaminated with malware designed to steal victims’ credentials.
• Re-using the similar password for a number of on-line accounts. (When on-line companies or platforms are concerned in knowledge breach incidents, it could trigger your reused on-line credentials and passwords to be compromised).

The protected use of on-line cost platforms should be accompanied by robust cyber-hygiene practices by the customers to make sure that their on-line credentials and passwords are secured.

Security steps to comply with for PayPal accounts

● Setting up a passkey for PayPal accounts

Use Face ID or Touch ID

● Setting up 2FA for PayPal accounts

1. Log in to your PayPal account via your internet browser (and never the PayPal app)

2. Click the ‘Settings’ icon

3. Click ‘Security’ close to the prime of the web page

4. Click ‘Set Up’ / ‘Update’ to the proper of ‘2-step verification’

5. Select ‘Use an authenticator app’, click on ‘Set it Up’ and comply with the steps on the display screen

● Turning off auto-login in PayPal

Turn off auto-login from any browser or machine you not use or recognise

Precautionary measures and cyber-hygiene suggestions

Members of the public are suggested by the SPF and the CSA to undertake the following precautionary measures and cyber-hygiene suggestions:

● ADD – safety features to your PayPal account by enabling passkeys and two-step verification (2FA). Passkeys are a safe login commonplace, permitting you to log in to PayPal utilizing the similar biometrics or machine password you utilize to unlock your machine.

Enable transaction alerts and overview all transactions often for any suspicious actions. You are additionally strongly inspired to set up anti-virus apps in your gadgets that may detect malware and block entry to phishing hyperlinks.

The CSA has additionally put collectively a listing of advisable apps out there at https://www.csa.gov.sg/Tips-Resource/Resources/recommended-security-apps-list.

● CHECK – that you’re utilizing a powerful password in your PayPal account. A powerful password ought to include no less than 12 characters with uppercase and lowercase letters, numbers or symbols.

Use totally different passwords for every of your on-line accounts. Even in case your PayPal account is inactive, you need to nonetheless change your passwords from time to time as a greatest apply.

Remove any gadgets that you just not use or don’t recognise in your PayPal account’s “trusted machine” checklist by reviewing and switch off “auto-login” in your PayPal account. Turn on and monitor automated transaction notifications in your PayPal account.

Be cautious of surprising requests obtained that ask in your private info, banking particulars and one-time passwords (OTPs). You shouldn’t share your private info with anybody. Do not click on on any suspicious hyperlinks, obtain unknown attachments or apps obtained by way of e-mails, SMSes, textual content messages or messages via social media platforms. They could comprise phishing hyperlinks or malicious programmes / apps used to steal knowledge out of your gadgets.

● TELL – authorities, household, and mates about scams. Report any fraudulent transactions to PayPal at spoof@paypal.com or your financial institution instantly.

If you’ve got any info relating to such crimes or in case you are unsure, please name the Police Hotline at 1800-255-0000, or submit it on-line at www.police.gov.sg/iwitness. All info can be saved strictly confidential. If you require pressing Police help, please dial ‘999’.

For extra info on scams, members of the public can go to www.scamalert.sg or name the Anti-Scam Helpline at 1800-722-6688.

227 women and men helping in scam investigations

Officers from the Commercial Affairs Department and the seven Police Land Divisions in Singapore performed a 2-week operation between February 2, 2024, and February 15, 2024.

A complete of 158 males and 69 girls, aged between 15 and 70 years, are helping in investigations for his or her suspected involvement in scams as scammers or cash mules.

The suspects are believed to be concerned in additional than 1,000 instances of scams, consisting primarily of mortgage scams, job scams, e-commerce scams, funding scams, authorities official impersonation scams, and Internet love scams, the place victims reportedly misplaced over SGD 8 million.

The suspects are being investigated for the alleged offences of offering cost companies and not using a licence, dishonest, and cash laundering. These offences appeal to a punishment of jail phrases (starting from 3 years to 10 years) and hefty fines (starting from SGD 125,000 to SGD 500,000)

56-year-old arrested as suspect in a collection of scams

Singapore Police have arrested a 56-year-old man for his suspected involvement in a collection of scams. Between November 1, 2023, and February 14, 2024, these scams cheated 36 overseas nationals out of a complete of SGD 56,710.

On February 14, the police obtained a report the place a person had collected course charges from his co-workers, allegedly on behalf of his firm, with the promise to ship the staff for programs to improve themselves.

However, the man didn’t enrol these staff for any programs regardless of amassing the cash. In a separate report, the man had additionally allegedly made a promise to one other co-worker that he would assist to discover a job for the latter’s relative on situation of a payment. However, after the cost was made to him, he didn’t do as promised.

Through follow-up investigations, officers from Clementi Police Division established the identification of the man and arrested him inside the similar day. The suspect was charged in courtroom on February 16 for the offence of dishonest.